rpms/glibc
6
0
Fork 2
Code Issues Pull Requests Releases Activity
b520db1431
glibc/glibc-upstream-2.39-239.patch
Arjun Shankar 53f4d259fa Sync with upstream branch release/2.39/master (RHEL-109536) 
Upstream commit: fffc2df8a3e2c8cda2991063d23086360268b777

- i386: Provide GLIBC_ABI_GNU_TLS symbol version [BZ #33221]
- i386: Update ___tls_get_addr to preserve vector registers
- Extend struct r_debug to support multiple namespaces (RHEL-101985)
- Fix a potential crash in the dynamic loader when processing specific
  symbol versions (RHEL-109683)
- Signal la_objopen for ld.so with dlmopen (RHEL-109693)
- Switch to main malloc after final ld.so self-relocation (RHEL-109703)
- Prevent ld.so from asserting and crashing during audited library loads
  (RHEL-109702)
- x86-64: Provide GLIBC_ABI_DT_X86_64_PLT symbol version (RHEL-109621)
- x86-64, i386: Provide GLIBC_ABI_GNU2_TLS symbol version (RHEL-109625)
- Ensure fallback initialization of ctype TLS data pointers to fix segfaults in
  programs using dlmopen or auditors (RHEL-72018)
- Handle load segment gaps in _dl_find_object (RHEL-104854)
- AArch64: Improve codegen in SVE log1p
- AArch64: Optimize inverse trig functions
- AArch64: Avoid memset ifunc in cpu-features.c [BZ #33112]

Resolves: RHEL-109536

Resolves: RHEL-72018
Resolves: RHEL-101985
Resolves: RHEL-104854
Resolves: RHEL-109621
Resolves: RHEL-109625
Resolves: RHEL-109683
Resolves: RHEL-109693
Resolves: RHEL-109702
Resolves: RHEL-109703
2025-08-21 10:25:39 +02:00

205 lines
6.4 KiB
Diff
Raw Blame History

commit 4f145bb35d5aed0cb102ba2a7b05aec1cf980672
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Nov 6 10:33:44 2024 +0100
elf: Switch to main malloc after final ld.so self-relocation
Before commit ee1ada1bdb8074de6e1bdc956ab19aef7b6a7872
("elf: Rework exception handling in the dynamic loader
[BZ #25486]"), the previous order called the main calloc
to allocate a shadow GOT/PLT array for auditing support.
This happened before libc.so.6 ELF constructors were run, so
a user malloc could run without libc.so.6 having been
initialized fully. One observable effect was that
environ was NULL at this point.
It does not seem to be possible at present to trigger such
an allocation, but it seems more robust to delay switching
to main malloc after ld.so self-relocation is complete.
The elf/tst-rtld-no-malloc-audit test case fails with a
2.34-era glibc that does not have this fix.
Reviewed-by: DJ Delorie <dj@redhat.com>
(cherry picked from commit c1560f3f75c0e892b5522c16f91b4e303f677094)
diff --git a/elf/Makefile b/elf/Makefile
index 479ef766c8f955f2..91fd05c9c0e6084a 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -453,6 +453,9 @@ tests += \
tst-recursive-tls \
tst-relsort1 \
tst-ro-dynamic \
+ tst-rtld-no-malloc \
+ tst-rtld-no-malloc-audit \
+ tst-rtld-no-malloc-preload \
tst-rtld-run-static \
tst-single_threaded \
tst-single_threaded-pthread \
@@ -3152,3 +3155,9 @@ $(objpfx)tst-dlopen-sgid.out: $(objpfx)tst-dlopen-sgid-mod.so
tst-dlopen-auditdup-ENV = LD_AUDIT=$(objpfx)tst-dlopen-auditdup-auditmod.so
$(objpfx)tst-dlopen-auditdup.out: \
$(objpfx)tst-dlopen-auditdupmod.so $(objpfx)tst-dlopen-auditdup-auditmod.so
+
+# Reuse an audit module which provides ample debug logging.
+tst-rtld-no-malloc-audit-ENV = LD_AUDIT=$(objpfx)tst-auditmod1.so
+
+# Any shared object should do.
+tst-rtld-no-malloc-preload-ENV = LD_PRELOAD=$(objpfx)tst-auditmod1.so
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 451932dd03e971b8..ee590edf93824d9b 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -338,8 +338,7 @@ _dl_non_dynamic_init (void)
call_function_static_weak (_dl_find_object_init);
/* Setup relro on the binary itself. */
- if (_dl_main_map.l_relro_size != 0)
- _dl_protect_relro (&_dl_main_map);
+ _dl_protect_relro (&_dl_main_map);
}
#ifdef DL_SYSINFO_IMPLEMENTATION
diff --git a/elf/rtld.c b/elf/rtld.c
index 41f8c329772b2b7a..ff938186738e8a87 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2368,30 +2368,27 @@ dl_main (const ElfW(Phdr) *phdr,
/* Make sure no new search directories have been added. */
assert (GLRO(dl_init_all_dirs) == GL(dl_all_dirs));
- /* Re-relocate ourselves with user-controlled symbol definitions.
-
- We must do this after TLS initialization in case after this
- re-relocation, we might call a user-supplied function
- (e.g. calloc from _dl_relocate_object) that uses TLS data. */
-
/* Set up the object lookup structures. */
_dl_find_object_init ();
- /* The malloc implementation has been relocated, so resolving
- its symbols (and potentially calling IFUNC resolvers) is safe
- at this point. */
- __rtld_malloc_init_real (main_map);
-
/* Likewise for the locking implementation. */
__rtld_mutex_init ();
+ /* Re-relocate ourselves with user-controlled symbol definitions. */
+
{
RTLD_TIMING_VAR (start);
rtld_timer_start (&start);
- /* Mark the link map as not yet relocated again. */
- GL(dl_rtld_map).l_relocated = 0;
- _dl_relocate_object (&GL(dl_rtld_map), main_map->l_scope, 0, 0);
+ _dl_relocate_object_no_relro (&GL(dl_rtld_map), main_map->l_scope, 0, 0);
+
+ /* The malloc implementation has been relocated, so resolving
+ its symbols (and potentially calling IFUNC resolvers) is safe
+ at this point. */
+ __rtld_malloc_init_real (main_map);
+
+ if (GL(dl_rtld_map).l_relro_size != 0)
+ _dl_protect_relro (&GL(dl_rtld_map));
rtld_timer_accum (&relocate_time, start);
}
diff --git a/elf/tst-rtld-no-malloc-audit.c b/elf/tst-rtld-no-malloc-audit.c
new file mode 100644
index 0000000000000000..a028377ad1fea027
--- /dev/null
+++ b/elf/tst-rtld-no-malloc-audit.c
@@ -0,0 +1 @@
+#include "tst-rtld-no-malloc.c"
diff --git a/elf/tst-rtld-no-malloc-preload.c b/elf/tst-rtld-no-malloc-preload.c
new file mode 100644
index 0000000000000000..a028377ad1fea027
--- /dev/null
+++ b/elf/tst-rtld-no-malloc-preload.c
@@ -0,0 +1 @@
+#include "tst-rtld-no-malloc.c"
diff --git a/elf/tst-rtld-no-malloc.c b/elf/tst-rtld-no-malloc.c
new file mode 100644
index 0000000000000000..5f24d4bd72c4af0c
--- /dev/null
+++ b/elf/tst-rtld-no-malloc.c
@@ -0,0 +1,76 @@
+/* Test that program loading does not call malloc.
+ Copyright (C) 2024 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+
+#include <string.h>
+#include <unistd.h>
+
+static void
+print (const char *s)
+{
+ const char *end = s + strlen (s);
+ while (s < end)
+ {
+ ssize_t ret = write (STDOUT_FILENO, s, end - s);
+ if (ret <= 0)
+ _exit (2);
+ s += ret;
+ }
+}
+
+static void __attribute__ ((noreturn))
+unexpected_call (const char *function)
+{
+ print ("error: unexpected call to ");
+ print (function);
+ print ("\n");
+ _exit (1);
+}
+
+/* These are the malloc functions implement in elf/dl-minimal.c. */
+
+void
+free (void *ignored)
+{
+ unexpected_call ("free");
+}
+
+void *
+calloc (size_t ignored1, size_t ignored2)
+{
+ unexpected_call ("calloc");
+}
+
+void *
+malloc (size_t ignored)
+{
+ unexpected_call ("malloc");
+}
+
+void *
+realloc (void *ignored1, size_t ignored2)
+{
+ unexpected_call ("realloc");
+}
+
+int
+main (void)
+{
+ /* Do not use the test wrapper, to avoid spurious malloc calls from it. */
+ return 0;
+}
Reference in New Issue View Git Blame Copy Permalink